From 94545775545ed8d3516b4fd149972e63e615628a Mon Sep 17 00:00:00 2001 From: chasegawa Date: Mon, 24 Jan 2022 08:57:33 -0700 Subject: [PATCH 01/22] SHIBUI-2262 Adding addition driver for SQL Server --- backend/build.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/build.gradle b/backend/build.gradle index f41778d28..15b192774 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -170,6 +170,7 @@ dependencies { runtimeOnly "org.postgresql:postgresql:42.2.20" runtimeOnly 'org.mariadb.jdbc:mariadb-java-client:2.2.0' runtimeOnly 'mysql:mysql-connector-java:5.1.48' + runtimeOnly 'com.microsoft.sqlserver:mssql-jdbc:9.4.1.jre11' //Swagger compile 'io.springfox:springfox-swagger2:2.9.2' From 08f5d5e4b93aa409721a3959405660833da2f5c7 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 10 Mar 2022 11:36:42 -0700 Subject: [PATCH 02/22] SHIBUI-2262 Changes to work with SQLServer --- .../envers/MetadataResolverEnversVersioningTests.groovy | 7 +++---- .../admin/ui/service/JPAMetadataResolverServiceImpl.groovy | 2 +- .../tier/shibboleth/admin/ui/domain/AbstractAuditable.java | 6 +++--- .../ui/domain/resolvers/ClasspathMetadataResource.java | 6 +++--- .../ui/service/MetadataResolverConverterServiceImpl.java | 4 ++-- .../OpenSamlResourceBackedMetadataResolverTests.groovy | 4 ++-- .../ui/service/JPAMetadataResolverServiceImplTests.groovy | 4 ++-- .../shibboleth/admin/ui/util/TestObjectGenerator.groovy | 3 +-- 8 files changed, 17 insertions(+), 19 deletions(-) diff --git a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy index b468a2ffa..85e854d3d 100644 --- a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy 
+++ b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy @@ -14,7 +14,6 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.LocalDynamicMetad import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ReloadableMetadataResolverAttributes import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme -import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.domain.EntityScan @@ -269,7 +268,7 @@ class MetadataResolverEnversVersioningTests extends Specification { when: ResourceBackedMetadataResolver resolver = new ResourceBackedMetadataResolver(name: 'rbmr').with { it.reloadableMetadataResolverAttributes = new ReloadableMetadataResolverAttributes(taskTimerRef: 'taskTimerRef') - it.classpathMetadataResource = new ClasspathMetadataResource(file: 'metadata.xml') + it.classpathMetadataResource = new ClasspathMetadataResource(setFileResource: 'metadata.xml') it } @@ -291,7 +290,7 @@ class MetadataResolverEnversVersioningTests extends Specification { when: resolver.name = 'rbmrUPDATED' resolver.reloadableMetadataResolverAttributes.taskTimerRef = 'taskTimerRefUPDATED' - resolver.classpathMetadataResource.file = 'metadataUPDATED.xml' + resolver.classpathMetadataResource.fileResource = 'metadataUPDATED.xml' resolverHistory = updateAndGetRevisionHistoryOfMetadataResolver(resolver, metadataResolverRepository, 
@@ -315,4 +314,4 @@ class MetadataResolverEnversVersioningTests extends Specification { getRevisionEntityForRevisionIndex(resolverHistory, 0).principalUserName == 'anonymousUser' getRevisionEntityForRevisionIndex(resolverHistory, 0).timestamp > 0L } -} +} \ No newline at end of file diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index 79420f6d0..c82ff3480 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy @@ -419,7 +419,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { MetadataResource( 'xmlns:resource': 'urn:mace:shibboleth:2.0:resource', 'xsi:type': 'resource:ClasspathResource', - 'file': resolver.classpathMetadataResource.file) + 'file': resolver.classpathMetadataResource.fileResource) } childNodes() diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAuditable.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAuditable.java index 6600307af..56d740240 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAuditable.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAuditable.java 
@@ -42,13 +42,13 @@ public abstract class AbstractAuditable implements Auditable { @CreationTimestamp @CreatedDate - @Column(nullable = false, updatable = false, columnDefinition = "DATETIME(6)") + @Column(nullable = false, updatable = false, columnDefinition = "DATETIME") @JsonFormat(pattern = "yyyy-MM-dd'T'HH:mm:ss.SSSSSS") private LocalDateTime createdDate; @UpdateTimestamp @LastModifiedDate - @Column(nullable = false, columnDefinition = "DATETIME(6)") + @Column(nullable = false, columnDefinition = "DATETIME") @JsonFormat(pattern = "yyyy-MM-dd'T'HH:mm:ss.SSSSSS") private LocalDateTime modifiedDate; @@ -134,4 +134,4 @@ private static ZonedDateTime toZonedDateTime(LocalDateTime localDateTime) { .toZonedDateTime() .truncatedTo(ChronoUnit.MILLIS); } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/ClasspathMetadataResource.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/ClasspathMetadataResource.java index a3dc076ab..a76943378 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/ClasspathMetadataResource.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/ClasspathMetadataResource.java @@ -15,6 +15,6 @@ @Setter @EqualsAndHashCode public class ClasspathMetadataResource { - - private String file; -} + // renamed from "file" to work with SQLServer + private String fileResource; +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java index 2343206a7..d0d20bd61 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java 
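Review bot: Changing `columnDefinition` from `DATETIME(6)` to `DATETIME` on `createdDate` and `modifiedDate` drops the fractional seconds on MySQL/MariaDB, where a bare `DATETIME` stores whole seconds, while the `@JsonFormat` pattern on the same fields still prints six fractional digits. For audit columns this means two changes made within the same second can no longer be ordered by timestamp, and on SQL Server `DATETIME` is itself rounded to roughly 3 ms steps. Consider dropping the vendor-specific definition so each Hibernate dialect picks its own timestamp type, e.g. `@Column(nullable = false, updatable = false)`. Otherwise add a comment above the two fields stating the precision that is now guaranteed. The class body continues outside the hunk.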
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java @@ -99,7 +99,7 @@ private OpenSamlResourceBackedMetadataResolver convertToOpenSamlRepresentation(R break; case CLASSPATH: resource = ResourceHelper.of(new ClassPathResource(placeholderResolverService() - .resolveValueFromPossibleTokenPlaceholder(resolver.getClasspathMetadataResource().getFile()))); + .resolveValueFromPossibleTokenPlaceholder(resolver.getClasspathMetadataResource().getFileResource()))); break; default: throw new RuntimeException("Unsupported resource type!"); @@ -153,4 +153,4 @@ public boolean isDirectory() { return true; } } -} +} \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/OpenSamlResourceBackedMetadataResolverTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/OpenSamlResourceBackedMetadataResolverTests.groovy index 28223b2f8..52ae52374 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/OpenSamlResourceBackedMetadataResolverTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/OpenSamlResourceBackedMetadataResolverTests.groovy @@ -15,10 +15,10 @@ class OpenSamlResourceBackedMetadataResolverTests extends Specification { def 'test refresh'() { when: def rbmr = new ResourceBackedMetadataResolver(name: 'test', xmlId: 'test', classpathMetadataResource: new ClasspathMetadataResource('metadata/metadata.xml')) - def x = new OpenSamlResourceBackedMetadataResolver(openSamlObjects.parserPool, null, rbmr, ResourceHelper.of(new ClassPathResource(rbmr.classpathMetadataResource.file))) + def x = new OpenSamlResourceBackedMetadataResolver(openSamlObjects.parserPool, null, rbmr, ResourceHelper.of(new ClassPathResource(rbmr.classpathMetadataResource.fileResource))) x.refilter() then: noExceptionThrown() } -} +} \ No newline at end of file 
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy index 703e44f7a..1550069b6 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy @@ -109,7 +109,7 @@ class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest { it.resourceId = "testme" it.name = "testme" it.classpathMetadataResource = new ClasspathMetadataResource().with { - it.file = "metadata/aggregate.xml" + it.fileResource = "metadata/aggregate.xml" it } it.metadataFilters.add(new EntityAttributesFilter().with { @@ -274,7 +274,7 @@ class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest { def resolver = new edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver().with { it.xmlId = 'ClasspathResourceMetadata' it.classpathMetadataResource = new ClasspathMetadataResource().with { - it.file = '/path/to/a/classpath/location/metadata.xml' + it.fileResource = '/path/to/a/classpath/location/metadata.xml' it } it diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy index bf17b107e..7b2865462 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy 
@@ -30,7 +30,6 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProt import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ReloadableMetadataResolverAttributes import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver -import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.SvnMetadataResource import edu.internet2.tier.shibboleth.admin.util.AttributeUtility import edu.internet2.tier.shibboleth.admin.util.MDDCConstants import edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions @@ -607,7 +606,7 @@ class TestObjectGenerator { it.name = 'ClasspathResourceMetadata' it.xmlId = 'ClasspathResourceMetadata' it.classpathMetadataResource = new ClasspathMetadataResource().with { - it.file = 'metadata/metadata.xml' + it.fileResource = 'metadata/metadata.xml' it } it.reloadableMetadataResolverAttributes = new ReloadableMetadataResolverAttributes().with { From 279974c1d2ac292ef4a55749284ae8435cd8c556 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Thu, 10 Mar 2022 11:40:21 -0700 Subject: [PATCH 03/22] SHIBUI-2262 Testbed files for sqlserver --- testbed/sqlServer/conf/application.yml | 138 ++++++++++++++++++ testbed/sqlServer/conf/keystore.p12 | Bin 0 -> 2591 bytes testbed/sqlServer/conf/users.csv | 2 + testbed/sqlServer/docker-compose.yml | 29 ++++ testbed/sqlServer/docker/Dockerfile | 9 ++ .../sqlServer/docker/scripts/entrypoint.sh | 22 +++ testbed/sqlServer/docker/scripts/setup.sql | 10 ++ 7 files changed, 210 insertions(+) create mode 100644 testbed/sqlServer/conf/application.yml create mode 100644 testbed/sqlServer/conf/keystore.p12 create mode 100644 testbed/sqlServer/conf/users.csv create mode 100644 testbed/sqlServer/docker-compose.yml create mode 100644 testbed/sqlServer/docker/Dockerfile create mode 100755 testbed/sqlServer/docker/scripts/entrypoint.sh create mode 100644 testbed/sqlServer/docker/scripts/setup.sql diff --git a/testbed/sqlServer/conf/application.yml b/testbed/sqlServer/conf/application.yml new file mode 100644 index 000000000..1e48abf4d --- /dev/null +++ b/testbed/sqlServer/conf/application.yml 
@@ -0,0 +1,138 @@
+spring:
+ profiles:
+ include:
+ datasource:
+ platform: sqlserver
+ driver-class-name: com.microsoft.sqlserver.jdbc.SQLServerDriver
+ url: jdbc:sqlserver://db:1433
+ username: sa
+ password: Password1
+ jpa:
+ properties:
+ hibernate:
+ dialect: org.hibernate.dialect.SQLServerDialect
+#server:
+# port: 8443
+# ssl:
+# key-store: "/conf/keystore.p12"
+# key-store-password: "changeit"
+# keyStoreType: "PKCS12"
+# keyAlias: "tomcat"
+shibui:
+ user-bootstrap-resource: file:/conf/users.csv
+ roles: ROLE_ADMIN,ROLE_NONE,ROLE_USER,ROLE_PONY
+custom:
+ attributes:
+ # Default attributes
+ - name: eduPersonPrincipalName
+ displayName: label.attribute-eduPersonPrincipalName
+ - name: uid
+ displayName: label.attribute-uid
+ - name: mail
+ displayName: label.attribute-mail
+ - name: surname
+ displayName: label.attribute-surname
+ - name: givenName
+ displayName: label.attribute-givenName
+ - name: eduPersonAffiliation
+ displayName: label.attribute-eduPersonAffiliation
+ - name: eduPersonScopedAffiliation
+ displayName: label.attribute-eduPersonScopedAffiliation
+ - name: eduPersonPrimaryAffiliation
+ displayName: label.attribute-eduPersonPrimaryAffiliation
+ - name: eduPersonEntitlement
+ displayName: label.attribute-eduPersonEntitlement
+ - name: eduPersonAssurance
+ displayName: label.attribute-eduPersonAssurance
+ - name: eduPersonUniqueId
+ displayName: label.attribute-eduPersonUniqueId
+ - name: employeeNumber
+ displayName: label.attribute-employeeNumber
+ # Custom attributes
+ overrides:
+ # Default overrides
+ - name: signAssertion
+ displayName: label.sign-the-assertion
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.sign-assertion
+ attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions
+ attributeFriendlyName: signAssertions
+ - name: dontSignResponse
+ displayName: label.dont-sign-the-response
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.dont-sign-response
+ attributeName:
http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses
+ attributeFriendlyName: signResponses
+ - name: turnOffEncryption
+ displayName: label.turn-off-encryption-of-response
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.turn-off-encryption
+ attributeName: http://shibboleth.net/ns/profiles/encryptAssertions
+ attributeFriendlyName: encryptAssertions
+ - name: useSha
+ displayName: label.use-sha1-signing-algorithm
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.usa-sha-algorithm
+ persistType: string
+ persistValue: shibboleth.SecurityConfiguration.SHA1
+ attributeName: http://shibboleth.net/ns/profiles/securityConfiguration
+ attributeFriendlyName: securityConfiguration
+ - name: ignoreAuthenticationMethod
+ displayName: label.ignore-any-sp-requested-authentication-method
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.ignore-auth-method
+ persistType: string
+ persistValue: 0x1
+ attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures
+ attributeFriendlyName: disallowedFeatures
+ - name: omitNotBefore
+ displayName: label.omit-not-before-condition
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.omit-not-before-condition
+ attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore
+ attributeFriendlyName: includeConditionsNotBefore
+ - name: responderId
+ displayName: label.responder-id
+ displayType: string
+ defaultValue: null
+ helpText: tooltip.responder-id
+ attributeName: http://shibboleth.net/ns/profiles/responderId
+ attributeFriendlyName: responderId
+ - name: nameIdFormats
+ displayName: label.nameid-format-to-send
+ displayType: set
+ helpText: tooltip.nameid-format
+ defaultValues:
+ - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+ - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ attributeName:
http://shibboleth.net/ns/profiles/nameIDFormatPrecedence
+ attributeFriendlyName: nameIDFormatPrecedence
+ - name: authenticationMethods
+ displayName: label.authentication-methods-to-use
+ displayType: set
+ helpText: tooltip.authentication-methods-to-use
+ defaultValues:
+ - https://refeds.org/profile/mfa
+ - urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken
+ - urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
+ attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods
+ attributeFriendlyName: defaultAuthenticationMethods
+ - name: forceAuthn
+ displayName: label.force-authn
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.force-authn
+ attributeName: http://shibboleth.net/ns/profiles/forceAuthn
+ attributeFriendlyName: forceAuthn
+logging:
+ level:
+ org.pac4j: "TRACE"
+ org.opensaml: "INFO"
\ No newline at end of file
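Review bot: The `datasource` block connects as `sa` with the literal password `Password1`, so the application under test runs with the SQL Server sysadmin login and that credential is now in version control. Even for a testbed, prefer a dedicated low-privilege login and property placeholders such as `username: ${SHIBUI_DB_USER}` and `password: ${SHIBUI_DB_PASSWORD}` (placeholder names, not taken from this repository), supplied from the compose environment. `org.pac4j: "TRACE"` at the end of the file deserves a comment or a lower level, since trace logging in an authentication library can presumably write session or credential material to the logs. The commented-out `ssl` block records `key-store-password: "changeit"` for the `keystore.p12` added in the same commit; a comment saying that both are test-only and must not be reused in a deployment would help.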
diff --git a/testbed/sqlServer/conf/keystore.p12 b/testbed/sqlServer/conf/keystore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..57f9c162a6953c21e77cf24451d52a9d3fa5cd54 GIT binary patch literal 2591 zcmY+EXEYlM8^+#;9KJd*1inb3Z)iIp_EPKhMV>97D|oBqN7osHVVFVlnzLKj_FP$qF%41Q3R* z^9r}YF%+)Wm1*z9WVf@%JDMN3TvEX07$;TX^lxG0$V|M==T7l`GEyXPdw zXm@Syfq*ghPdN9rC^82iIiSk~gaP$MoHrr;heS_|UuGmN=cS{B0tJIUb0I?8*yTo7 z<;eF;9*tyN_u(*2@@PrdCWF2Dy0D}1o_X_!#ZZ`{?D%G$xW!6I082tT@kNaVWLI$y zQ?{iJZ+N@ftfv2ER`h<1Ps33b3x`zD#Xa^Yls;WQ*yFh6Z4hzUNZY5VhP!2ryOY5V zKGpR+arsS!Krgf}A<6#C2})#Ie`zQ4&PMp_lE|YAC+E}i=UDu!=&HTo~B0gi(9cejrUwu@8hK)P4Ppc|?PGVI38Hao~@kTe57RrfAV`uiHpU&|;rw>h&9Ew=! zLMynJ&c~u{@IoN*@p6@(O;6g*)m@_r4f!y92e%+LL89f0jf2D#yd<5tn%y@)<=-63 z6_0Wk384``Yo}vPAw_V9)L#x);zJ`87Rrq4-DfRRQ`^s@Lrj#H(Pe=Mp7Po8fC#js zcSJ_PtVsY!pJk}CFP;k7O zc_`Dqty6pqp_B4@A5ys8D~azqv>9f*uX6D_`SXt6#4yP$g|~+Vfroy_?Yb-~gYqI0 z5mLA&`cD56Gh6EF>7>Bz6Bov(Oh|U|)q=+_KUMmMQaoWc_bHRFt>yS2`2PdR_MWAzBqHlq;FHp;4?3i-pX#W148gm~V-UUZ|n*JjzAkUSFq zttV7Z>+Y5zw~xD0q0bHr6tPBYk<@ZRYqSC5C5LJiSzj9x*Jfz5<(#IULa0K099m|`{ksz@rub0J!&%HoKuFUrr zWXg;<+Bqmkm+RPThvHeaFl2lIUw}{=`hIFH2F^riQ@cgPRe##VOlhq{C!$y zVj2oh;|;i+c{#2fJ1b-;B#$QNMnLR@eci$$qQ-ms7bc++#f`<^nCMftG;_6g7RkDG zS)Avgii(ZQLOp!MllH-jXVki-(HWhVnKy&7Tl@B)y!#8xCT>ULqi)rNN;h#Q7CxqR zte=q-)bmc(SCU!-g{|J;c?pUaD+SJP9LH%`RA><;$y;@hzcxf~7(I>Z(q(f{zf_Xe zf^+??N-7p<2rn(b58wsx0N4W_0sP?n|Aeg4EFh+Pt{#q1X?a;iWkm%Ac?CFJ`bwTg zf0ro1S3Xt0Ldrlgz}1rZCn5WnVZr|~tkqHEp57>;w2?YVbCA+_xIaH;_`imYz>t%= zKLnhg96NO9Of%ipR@Ct?o8CRsk7X;lAXwe>=H7+*|55nmS)}2Ts|&f1Nl>z1 zPp%bXaadZ_SSnSH-ijLuA8bkgxt3k0e=KaXxvasg01EAO&U?ELSmNRS@Vih`O`n~! zm(iL%2^WSEvkM+EsF_lT1D_e@M-l3VUhD?z3@NL5yD$To`Q|y$2lZz@8Gr zH4a-TtEoQ|2cur+F-BXgKL4tkHyAja?^>!LPV8%yz$IX7t45YvZQo#J^&uiR-_S?` zVVZok0mHxl`d(kE5k+c?f|#$W$oE!N?wV_-Lx@?LcLHxvUivKu_Ty)u3Fn#qSoD1Z z)q5K^gp<}bKZ1pR>6t{YF4aubO9b>EsG|8Ic|MxD@?c@p>&n6>r)Kdcl7DnwQx*!? 
zqN|mP_On)F72tRv9Ka}`BR`D!)Z6uX6A@!OR6q&@dJtSP&2tHt*YNx*)eyv6=1@=1 z0Ny4nsx!gKdBZ)?43Q@1JQD0EntJm%-;=l00}SIaB7KE>E%tK`$J1|Vk{ZzCy#=0( zrOIhoXp~QXrmT;gp5{^Jz8Ls+TQIjTzYevT&yv94>ouv1?~>VU#n%gf$6Xt~E(ERD zK;m4byGfL*a9YtUngDy?_Brb@jq?t0C5>?`p)fW$*MQBkF|Ww#RnhSC@RkIWjKknZ zBLec1=wR==k~K5LiB(-Ox;}hz-_=vlV^IAz9_d%ru;Fawb=wBT7=0Z)%sJL=ETE z1K}_i-IeO_F;spY)>~=*tiy^f*X(CwGuxLIb|s@IL$=*RKp0_k{sq}UzfGV^$P=R# z0ouf)?@zmvOBRng}=n%+lMZ$8fk6z%zIgz@9-Z^#c&dEhz zjy_f~4KC~7h);(y-@3i8#%7D{ip3I?%)J>p*up#)iL;26E8bS&fw=+*E z&@<&p2yJD Date: Thu, 9 Jun 2022 13:46:08 -0700 Subject: [PATCH 04/22] SHIBUI-2262 Merge develop to branch with test fix --- .../envers/MetadataResolverEnversVersioningTests.groovy | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy index 85e854d3d..6d976a033 100644 --- a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy +++ b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy @@ -268,7 +268,7 @@ class MetadataResolverEnversVersioningTests extends Specification { when: ResourceBackedMetadataResolver resolver = new ResourceBackedMetadataResolver(name: 'rbmr').with { it.reloadableMetadataResolverAttributes = new ReloadableMetadataResolverAttributes(taskTimerRef: 'taskTimerRef') - it.classpathMetadataResource = new ClasspathMetadataResource(setFileResource: 'metadata.xml') + it.classpathMetadataResource = new ClasspathMetadataResource(fileResource: 'metadata.xml') it } 
@@ -282,7 +282,7 @@ class MetadataResolverEnversVersioningTests extends Specification { resolverHistory.size() == 1 getTargetEntityForRevisionIndex(resolverHistory, 0).name == 'rbmr' getTargetEntityForRevisionIndex(resolverHistory, 0).reloadableMetadataResolverAttributes.taskTimerRef == 'taskTimerRef' - getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.file == 'metadata.xml' + getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.fileResource == 'metadata.xml' getRevisionEntityForRevisionIndex(resolverHistory, 0).principalUserName == 'anonymousUser' getRevisionEntityForRevisionIndex(resolverHistory, 0).timestamp > 0L getModifiedEntityNames(resolverHistory, 0).sort() == expectedModifiedPersistentEntities.sort() @@ -302,7 +302,7 @@ class MetadataResolverEnversVersioningTests extends Specification { resolverHistory.size() == 2 getTargetEntityForRevisionIndex(resolverHistory, 1).name == 'rbmrUPDATED' getTargetEntityForRevisionIndex(resolverHistory, 1).reloadableMetadataResolverAttributes.taskTimerRef == 'taskTimerRefUPDATED' - getTargetEntityForRevisionIndex(resolverHistory, 1).classpathMetadataResource.file == 'metadataUPDATED.xml' + getTargetEntityForRevisionIndex(resolverHistory, 1).classpathMetadataResource.fileResource == 'metadataUPDATED.xml' getRevisionEntityForRevisionIndex(resolverHistory, 1).principalUserName == 'anonymousUser' getRevisionEntityForRevisionIndex(resolverHistory, 1).timestamp > 0L getModifiedEntityNames(resolverHistory, 1).sort() == expectedModifiedPersistentEntities.sort() 
@@ -310,7 +310,7 @@ class MetadataResolverEnversVersioningTests extends Specification { //Check the original revision is intact getTargetEntityForRevisionIndex(resolverHistory, 0).name == 'rbmr' getTargetEntityForRevisionIndex(resolverHistory, 0).reloadableMetadataResolverAttributes.taskTimerRef == 'taskTimerRef' - getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.file == 'metadata.xml' + getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.fileResource == 'metadata.xml' getRevisionEntityForRevisionIndex(resolverHistory, 0).principalUserName == 'anonymousUser' getRevisionEntityForRevisionIndex(resolverHistory, 0).timestamp > 0L } From 99977aeb68b2c6dd861c74abce120dd498e7fb9f Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 14 Jun 2022 09:53:13 -0700 Subject: [PATCH 05/22] SHIBUI-2273 --- backend/build.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/build.gradle b/backend/build.gradle index 55549097e..887d2e86e 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -174,6 +174,7 @@ dependencies { runtimeOnly 'org.postgresql:postgresql:42.3.4' runtimeOnly 'org.mariadb.jdbc:mariadb-java-client:3.0.4' runtimeOnly 'mysql:mysql-connector-java:8.0.29' + //SQL Server? //Swagger compile 'io.springfox:springfox-swagger2:2.9.2' From f87e1bc1027e7edcb1fe0d2119046e4ba6b4b8a1 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 14 Jun 2022 10:16:02 -0700 Subject: [PATCH 06/22] SHIBUI-2273 merging shibui-2262 --- backend/build.gradle | 8 ++++---- gradle.properties | 6 ++++++ 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/backend/build.gradle b/backend/build.gradle index 90cc83503..e2c4936e0 100644 --- a/backend/build.gradle +++ b/backend/build.gradle 
@@ -171,10 +171,10 @@ dependencies { runtimeOnly 'org.glassfish.jaxb:jaxb-runtime:2.3.0' compile "com.h2database:h2" - runtimeOnly 'org.postgresql:postgresql:42.3.4' - runtimeOnly 'org.mariadb.jdbc:mariadb-java-client:3.0.4' - runtimeOnly 'mysql:mysql-connector-java:8.0.29' - runtimeOnly 'com.microsoft.sqlserver:mssql-jdbc:9.4.1.jre11' + runtimeOnly "org.postgresql:postgresql:${project.'postgresVersion'}" + runtimeOnly "org.mariadb.jdbc:mariadb-java-client:${project.'mariadbVersion'}" + runtimeOnly "mysql:mysql-connector-java:${project.'mysqlVersion'}" + runtimeOnly "com.microsoft.sqlserver:mssql-jdbc:${project.'sqlserverVersion'}" //Swagger compile 'io.springfox:springfox-swagger2:2.9.2' diff --git a/gradle.properties b/gradle.properties index f645de2d4..9fb07eccf 100644 --- a/gradle.properties +++ b/gradle.properties @@ -19,6 +19,12 @@ springbootVersion=2.5.12 springSecurityVersion=5.6.3 # springSecurityVersion=5.7.1 +### DB Driver Versions ### +mariadbVersion=3.0.4 +mysqlVersion=8.0.29 +postgresVersion=42.3.4 +sqlserverVersion=9.4.1.jre11 + org.gradle.jvmargs=-Xmx1g -XX:-UseGCOverheadLimit # set token in personal global From 47bc15390879cae076c1ac2dc1cce2e36f89d1ee Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 14 Jun 2022 15:41:48 -0700 Subject: [PATCH 07/22] SHIBUI-2273 Setup liquidbase to run for SQL SERVER --- .../CustomEntityAttributeDefinition.java | 4 +-- .../admin/ui/domain/LocalizedName.java | 4 ++- .../admin/ui/domain/OrganizationURL.java | 2 +- .../src/main/resources/application.properties | 3 +- .../main/resources/db/changelog/changelog.sql | 29 +++++++++++++++++++ 5 files changed, 37 insertions(+), 5 deletions(-) create mode 100644 backend/src/main/resources/db/changelog/changelog.sql diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java index f1d14911a..6e7ced3e2 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java @@ -35,7 +35,7 @@ public class CustomEntityAttributeDefinition implements IRelyingPartyOverridePro @ElementCollection @CollectionTable(name = "custom_entity_attr_list_items", joinColumns = @JoinColumn(name = "name")) @Fetch(FetchMode.JOIN) - @Column(name = "value", nullable = false) + @Column(name = "item_value", nullable = false) Set customAttrListDefinitions = new HashSet<>(); @Column(name = "default_value", nullable = true) @@ -114,4 +114,4 @@ public void setName(String name) { public void updateExamplesList() { examples = customAttrListDefinitions; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/LocalizedName.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/LocalizedName.java index e0a54d494..3f7dcb48e 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/LocalizedName.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/LocalizedName.java @@ -3,6 +3,7 @@ import org.hibernate.envers.Audited; import javax.annotation.Nullable; +import javax.persistence.Column; import javax.persistence.MappedSuperclass; @MappedSuperclass @@ -11,6 +12,7 @@ public class LocalizedName extends AbstractXMLObject implements org.opensaml.sam private String xMLLang; + @Column(name = "name_value") private String value; @Nullable @@ -34,4 +36,4 @@ public String getValue() { public void setValue(@Nullable String value) { this.value = value; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/OrganizationURL.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/OrganizationURL.java index c8e556695..625e96379 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/OrganizationURL.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/OrganizationURL.java @@ -14,7 +14,7 @@ public class OrganizationURL extends AbstractXMLObject implements org.opensaml.s private String xMLLang; - @Column(name="value") + @Column(name="uri_value") private String uri; @Nullable diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index 0556e5b45..a0d50725f 100644 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -37,7 +37,8 @@ spring.jackson.mapper.accept-case-insensitive-enums=true #spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MariaDBDialect # Liquibase properties -spring.liquibase.enabled=false +spring.liquibase.enabled=true +spring.liquibase.change-log=db/changelog/changelog.sql # Hibernate properties # for production never ever use create, create-drop. It's BEST to use validate diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql new file mode 100644 index 000000000..cfdf5bc02 --- /dev/null +++ b/backend/src/main/resources/db/changelog/changelog.sql 
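Review bot: Flipping `spring.liquibase.enabled` to `true` in the default `application.properties` means every existing deployment runs the rename changesets at its next start under the application's own datasource account, which therefore needs ALTER rights on the schema. The hunk gives operators no hint of this. Add a comment above the property along the lines of `# Runs db/changelog/changelog.sql at startup; the DB user needs DDL rights. Set to false to migrate out of band.` If the runtime account is meant to stay limited to DML, Spring Boot's `spring.liquibase.user` and `spring.liquibase.password` let the migration run under a separate login.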
@@ -0,0 +1,29 @@
+-- liquibase formatted sql
+
+-- changeset liquibase:1.11.0 dbms:mariadb,mysql,postgresql
+-- preconditions onFail:MARK_RAN
+-- precondition-sql-check expectedResult:1 SELECT 1 FROM users
+-- comment: /* we don't need to run this if the system is new */
+ALTER TABLE resource_backed_metadata_resolver
+ RENAME file TO file_resource;
+GO
+ALTER TABLE organizationurl
+ RENAME 'value' TO 'uri_value';
+GO
+
+-- changeset liquibase:1.11.0 dbms:mssql
+-- preconditions onFail:MARK_RAN
+-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users'
+-- comment: /* we don't need to run this if the system is new */
+EXEC sp_rename 'organizationurl.value', uri_value, 'COLUMN'
+GO
+EXEC sp_rename 'custom_entity_attr_list_items.value', item_value, 'COLUMN'
+GO
+EXEC sp_rename 'organization_name.value', name_value, 'COLUMN'
+GO
+EXEC sp_rename 'organization_display_name.value', name_value, 'COLUMN'
+GO
+EXEC sp_rename 'service_description.value', name_value, 'COLUMN'
+GO
+EXEC sp_rename 'service_name.value', name_value, 'COLUMN'
+GO
\ No newline at end of file
From 7809cfed0aec68dadd3ecc728d740404f9a903ab Mon Sep 17 00:00:00 2001
From: chasegawa
Date: Tue, 14 Jun 2022 16:45:04 -0700
Subject: [PATCH 08/22] SHIBUI-2273 Setup liquidbase to run for POSTGRES
---
.../main/resources/db/changelog/changelog.sql | 18 +++++++++++++++--- testbed/postgres/docker-compose.yml | 2 +- 2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql
index cfdf5bc02..3b3c84fb3 100644
--- a/backend/src/main/resources/db/changelog/changelog.sql
+++ b/backend/src/main/resources/db/changelog/changelog.sql
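Review bot: The `dbms:mariadb,mysql,postgresql` changeset never renames `custom_entity_attr_list_items.value`, although the same commit maps that collection column to `item_value` and the `dbms:mssql` changeset does rename it. An upgraded MariaDB, MySQL or PostgreSQL database would therefore keep a column the entity no longer maps; the equivalent of `ALTER TABLE custom_entity_attr_list_items RENAME COLUMN value TO item_value;` is needed there. The follow-up changelog hunk in PATCH 08 adds the `name_value` tables but, as far as this page shows, still omits this one. The `RENAME file TO file_resource` form also lacks the `COLUMN` keyword that MySQL's `ALTER TABLE` requires, so a single statement list is unlikely to be valid on all three engines, and a failed changeset at startup leaves the schema half-migrated. Splitting it into per-engine changesets would be safer.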
@@ -2,13 +2,25 @@ -- changeset liquibase:1.11.0 dbms:mariadb,mysql,postgresql -- preconditions onFail:MARK_RAN --- precondition-sql-check expectedResult:1 SELECT 1 FROM users +-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ ALTER TABLE resource_backed_metadata_resolver - RENAME file TO file_resource; + RENAME "file" TO "file_resource"; GO ALTER TABLE organizationurl - RENAME 'value' TO 'uri_value'; + RENAME "value" TO "uri_value"; +GO +ALTER TABLE organization_name + RENAME "value" TO "name_value"; +GO +ALTER TABLE organization_display_name + RENAME "value" TO "name_value"; +GO +ALTER TABLE service_description + RENAME "value" TO "name_value"; +GO +ALTER TABLE service_name + RENAME "value" TO "name_value"; GO -- changeset liquibase:1.11.0 dbms:mssql diff --git a/testbed/postgres/docker-compose.yml b/testbed/postgres/docker-compose.yml index 593ceb1fc..c66b591a8 100644 --- a/testbed/postgres/docker-compose.yml +++ b/testbed/postgres/docker-compose.yml @@ -11,7 +11,7 @@ services: networks: - front ports: - - 3306:3306 + - 5432:5432 shibui: image: unicon/shibui ports: From 2e8233dbc59b13eba67ce0b9c6cd29317fe83f80 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 14 Jun 2022 17:11:32 -0700 Subject: [PATCH 09/22] SHIBUI-2273 Readme for liquibase --- .../src/main/resources/db/changelog/README.txt | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 backend/src/main/resources/db/changelog/README.txt diff --git a/backend/src/main/resources/db/changelog/README.txt b/backend/src/main/resources/db/changelog/README.txt new file mode 100644 index 000000000..2ebb5d59f --- /dev/null +++ b/backend/src/main/resources/db/changelog/README.txt 
@@ -0,0 +1,18 @@ +Understanding the liquidbase changelog.sql file + +" -- liquibase formatted sql" - this is required at the top of this file " + +" -- changeset liquibase:1.11.0 dbms:mariadb,mysql,postgresql " +This indicates a change set and the version - please use the release version that the change matches so that looking at the DB should +give a good indication of what has been run. + +The dbms section indicates which DBs the changeset that follows is valid to be run on. If this is not present, Liquidbase will try +to run the changeset always. + +" -- preconditions onFail:MARK_RAN " +" -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' " + +@see - https://docs.liquibase.com/concepts/changelogs/preconditions.html +The check here is looking to see if the schema has been built out yet. If it has not, then the db is new and will be created +correctly without needing to be updated, so MARK_RAN ensures that the given changeset will not be run, but will be added to the +liquibase changesetlog table indicating that it was checked. \ No newline at end of file From ef900fc628311365b7d5cae9e31b5cb45a1fab6f Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 15 Jun 2022 10:05:10 -0700 Subject: [PATCH 10/22] SHIBUI-2273 Updates: added missing tables and aud tables to the sql updates, updated the springboot and hibernate versions to newer versions, updated the settings to work with the newer version of springboot which uses a different library for path pattern matching. --- .../filters/EntityAttributesFilterTarget.java | 2 +- .../filters/NameIdFormatFilterTarget.java | 2 + .../src/main/resources/application.properties | 4 ++ .../main/resources/db/changelog/changelog.sql | 67 +++++++++++++++++-- gradle.properties | 8 +-- 5 files changed, 73 insertions(+), 10 deletions(-) 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilterTarget.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilterTarget.java index a7959dbbf..e2ed028a0 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilterTarget.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilterTarget.java @@ -26,7 +26,7 @@ public class EntityAttributesFilterTarget extends AbstractAuditable implements I @ElementCollection (fetch = FetchType.EAGER) @OrderColumn - @Column(length = 760) + @Column(length = 760, name="target_value") private List value; public EntityAttributesFilterTargetType getEntityAttributesFilterTargetType() { diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilterTarget.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilterTarget.java index 90445ff75..3a5bfe9da 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilterTarget.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilterTarget.java @@ -8,6 +8,7 @@ import org.hibernate.envers.AuditOverride; import org.hibernate.envers.Audited; +import javax.persistence.Column; import javax.persistence.ElementCollection; import javax.persistence.Entity; import javax.persistence.OrderColumn; @@ -27,6 +28,7 @@ public class NameIdFormatFilterTarget extends AbstractAuditable implements IFilt @ElementCollection @OrderColumn + @Column(name="target_value") private List value; public NameIdFormatFilterTargetType getNameIdFormatFilterTargetType() { diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index b126439d5..dd02864b0 100644 
--- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -9,6 +9,9 @@ logging.level.org.springframework=INFO logging.level.edu.internet2.tier.shibboleth.admin.ui=INFO spring.main.allow-bean-definition-overriding=true +# "In Spring MVC, the path was previously analyzed by AntPathMatcher, but it was changed to use PathPatternParser introduced in WebFlux from Spring 5.3.0." +# we still have the option to use ant path matcher thus keeping existing configuration from having to change +spring.mvc.pathmatch.matching-strategy=ant_path_matcher # Database Credentials spring.datasource.username=shibui @@ -109,6 +112,7 @@ shibui.roles.authenticated=ADMIN,ENABLE,USER #docker container shibui.beacon-enabled=true +### Swagger/Springdoc patterns springdoc.use-management-port=true springdoc.swagger-ui.tagsSorter: alpha springdoc.writer-with-order-by-keys: true diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 3b3c84fb3..911f36cb9 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql 
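Review bot: The comment added above `spring.mvc.pathmatch.matching-strategy=ant_path_matcher` says the legacy matcher is kept so existing configuration need not change, but does not say which configuration depends on it. URL authorization rules are usually written against the same patterns, so it is worth recording that the security matchers were checked against this strategy, e.g. `# kept for <component needing Ant-style patterns>; security path rules verified against ant_path_matcher, remove once patterns are migrated`. The security configuration is not part of this patch, so this is a request to document, not a reported mismatch.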
@@ -4,38 +4,95 @@ -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ -ALTER TABLE resource_backed_metadata_resolver - RENAME "file" TO "file_resource"; +ALTER TABLE custom_entity_attr_list_items + RENAME "value" TO "item_value"; +GO +ALTER TABLE custom_entity_attr_list_items_aud + RENAME "value" TO "item_value"; +GO +ALTER TABLE entity_attributes_filter_target_value + RENAME "value" TO "target_value"; +GO +ALTER TABLE entity_attributes_filter_target_value_aud + RENAME "value" TO "target_value"; +GO +ALTER TABLE name_id_format_filter_target_value + RENAME "value" TO "target_value"; +GO +ALTER TABLE name_id_format_filter_target_value_aud + RENAME "value" TO "target_value"; GO ALTER TABLE organizationurl RENAME "value" TO "uri_value"; GO +ALTER TABLE organizationurl_aud + RENAME "value" TO "uri_value"; +GO +ALTER TABLE organization_display_name + RENAME "value" TO "name_value"; +GO +ALTER TABLE organization_display_name_aud + RENAME "value" TO "name_value"; +GO ALTER TABLE organization_name RENAME "value" TO "name_value"; GO -ALTER TABLE organization_display_name +ALTER TABLE organization_name_aud RENAME "value" TO "name_value"; GO +ALTER TABLE resource_backed_metadata_resolver + RENAME "file" TO "file_resource"; +GO +ALTER TABLE resource_backed_metadata_resolver_aud + RENAME "file" TO "file_resource"; +GO ALTER TABLE service_description RENAME "value" TO "name_value"; GO +ALTER TABLE service_description_aud + RENAME "value" TO "name_value"; +GO ALTER TABLE service_name RENAME "value" TO "name_value"; GO +ALTER TABLE service_name_aud + RENAME "value" TO "name_value"; +GO + -- changeset liquibase:1.11.0 dbms:mssql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if 
the system is new */ +EXEC sp_rename 'custom_entity_attr_list_items.value', item_value, 'COLUMN' +GO +EXEC sp_rename 'custom_entity_attr_list_items_aud.value', item_value, 'COLUMN' +GO +EXEC sp_rename 'entity_attributes_filter_target_value.value', target_value, 'COLUMN' +GO +EXEC sp_rename 'entity_attributes_filter_target_value_aud.value', target_value, 'COLUMN' +GO +EXEC sp_rename 'name_id_format_filter_target_value', target_value, 'COLUMN' +GO +EXEC sp_rename 'name_id_format_filter_target_value_aud', target_value, 'COLUMN' +GO EXEC sp_rename 'organizationurl.value', uri_value, 'COLUMN' GO -EXEC sp_rename 'custom_entity_attr_list_items.value', item_value, 'COLUMN' +EXEC sp_rename 'organizationurl_aud.value', uri_value, 'COLUMN' +GO +EXEC sp_rename 'organization_display_name.value', name_value, 'COLUMN' +GO +EXEC sp_rename 'organization_display_name_aud.value', name_value, 'COLUMN' GO EXEC sp_rename 'organization_name.value', name_value, 'COLUMN' GO -EXEC sp_rename 'organization_display_name.value', name_value, 'COLUMN' +EXEC sp_rename 'organization_name_aud.value', name_value, 'COLUMN' GO EXEC sp_rename 'service_description.value', name_value, 'COLUMN' GO +EXEC sp_rename 'service_description_aud.value', name_value, 'COLUMN' +GO EXEC sp_rename 'service_name.value', name_value, 'COLUMN' +GO +EXEC sp_rename 'service_name_aud.value', name_value, 'COLUMN' GO \ No newline at end of file diff --git a/gradle.properties b/gradle.properties index 9fb07eccf..fdbf3f56a 100644 --- a/gradle.properties +++ b/gradle.properties @@ -5,8 +5,8 @@ version=1.11.0-SNAPSHOT ### library versions ### commonsCollections4Version=4.4 cryptacularVersion=1.2.4 -hibernateVersion=5.5.0.Final -#hibernateVersion=5.6.9.Final +#hibernateVersion=5.5.0.Final +hibernateVersion=5.6.9.Final luceneVersion=8.1.1 log4JVersion=2.17.2 lombokVersion=5.3.3.3 
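Review bot: In the mssql changeset the two `name_id_format_filter_target_value` calls pass a bare table name together with the 'COLUMN' object type, unlike every other call in the list, which uses the table.column form, so sp_rename will not find a column under that name. They should read `EXEC sp_rename 'name_id_format_filter_target_value.value', target_value, 'COLUMN'` and `EXEC sp_rename 'name_id_format_filter_target_value_aud.value', target_value, 'COLUMN'`. The mssql list also has no counterpart to the `resource_backed_metadata_resolver` file to file_resource rename that the other changeset carries. If that is intentional, a one-line comment saying why would help.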
@@ -14,8 +14,8 @@ opensamlVersion=4.2.0 pac4JVersion=5.4.3 pac4jSpringSecurityVersion=7.0.3 shibbolethVersion=4.2.1 -springbootVersion=2.5.12 -#springbootVersion=2.7.0 +#springbootVersion=2.5.12 +springbootVersion=2.7.0 springSecurityVersion=5.6.3 # springSecurityVersion=5.7.1 From 3b5a6efe25fa0028f99063800dc5c47931ee832d Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 15 Jun 2022 10:55:04 -0700 Subject: [PATCH 11/22] SHIBUI-2273 update version of spring security properties file cleanup --- backend/src/main/resources/application.properties | 2 +- gradle.properties | 13 ++----------- 2 files changed, 3 insertions(+), 12 deletions(-) diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index dd02864b0..ba1b8f20f 100644 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -19,7 +19,7 @@ spring.datasource.password=shibui # Database Configuration H2 spring.datasource.url=jdbc:h2:mem:shibui;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE -spring.datasource.platform=h2 +spring.sql.init.platform=h2 spring.datasource.driverClassName=org.h2.Driver spring.jpa.database-platform=org.hibernate.dialect.H2Dialect spring.h2.console.enabled=true diff --git a/gradle.properties b/gradle.properties index fdbf3f56a..f891afd02 100644 --- a/gradle.properties +++ b/gradle.properties @@ -5,7 +5,6 @@ version=1.11.0-SNAPSHOT ### library versions ### commonsCollections4Version=4.4 cryptacularVersion=1.2.4 -#hibernateVersion=5.5.0.Final hibernateVersion=5.6.9.Final luceneVersion=8.1.1 log4JVersion=2.17.2 @@ -14,10 +13,8 @@ opensamlVersion=4.2.0 pac4JVersion=5.4.3 pac4jSpringSecurityVersion=7.0.3 shibbolethVersion=4.2.1 -#springbootVersion=2.5.12 springbootVersion=2.7.0 -springSecurityVersion=5.6.3 -# springSecurityVersion=5.7.1 +springSecurityVersion=5.7.1 ### DB Driver Versions ### mariadbVersion=3.0.4 
@@ -35,10 +32,4 @@ i2.github.apiEndpoint=https://github.internet2.edu/api/v3 ## NOTES # pac4j spring security 7.0.3 here uses the pac4j 5.4.3 core, thus differences in versions (they used use the same versions, now -# keeping them in sync takes paying attention -# -# Springboot 2.7.0 and Hibernate 5.6.9 are current, but don't like all the columns named "value" in the db (along with H2), so don't -# update to these versions until ready to migrate the database columns. (the tests fail under these versions because the test database -# doesn't work). -# -# Additionally, springbootsecurity for tests doesn't like 5.7.1 \ No newline at end of file +# keeping them in sync takes paying attention \ No newline at end of file From 478e20900b9b0f6aeacb531afed522136b845c6a Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 23 Jun 2022 09:22:57 -0700 Subject: [PATCH 12/22] SHIBUI-2273 Corrections for MySQL --- .../main/resources/db/changelog/changelog.sql | 62 ++++++++++++++++++- 1 file changed, 61 insertions(+), 1 deletion(-) diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 911f36cb9..561280f58 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql 
@@ -1,6 +1,66 @@ -- liquibase formatted sql --- changeset liquibase:1.11.0 dbms:mariadb,mysql,postgresql +-- changeset liquibase:1.11.0 dbms:mysql +-- preconditions onFail:MARK_RAN +-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' +-- comment: /* we don't need to run this if the system is new */ +ALTER TABLE custom_entity_attr_list_items + CHANGE value item_value varchar(255); +GO +ALTER TABLE custom_entity_attr_list_items_aud + CHANGE value item_value varchar(255); +GO +ALTER TABLE entity_attributes_filter_target_value + CHANGE value target_value varchar(255); +GO +ALTER TABLE entity_attributes_filter_target_value_aud + CHANGE value target_value varchar(255); +GO +ALTER TABLE name_id_format_filter_target_value + CHANGE value target_value varchar(255); +GO +ALTER TABLE name_id_format_filter_target_value_aud + CHANGE value target_value varchar(255); +GO +ALTER TABLE organizationurl + CHANGE value uri_value varchar(255); +GO +ALTER TABLE organizationurl_aud + CHANGE value uri_value varchar(255); +GO +ALTER TABLE organization_display_name + CHANGE value name_value varchar(255); +GO +ALTER TABLE organization_display_name_aud + CHANGE value name_value varchar(255); +GO +ALTER TABLE organization_name + CHANGE value name_value varchar(255); +GO +ALTER TABLE organization_name_aud + CHANGE value name_value varchar(255); +GO +ALTER TABLE resource_backed_metadata_resolver + CHANGE file file_resource varchar(255); +GO +ALTER TABLE resource_backed_metadata_resolver_aud + CHANGE file file_resource varchar(255); +GO +ALTER TABLE service_description + CHANGE value name_value varchar(255); +GO +ALTER TABLE service_description_aud + CHANGE value name_value varchar(255); +GO +ALTER TABLE service_name + CHANGE value name_value varchar(255); +GO +ALTER TABLE service_name_aud + CHANGE value name_value varchar(255); +GO + + +-- changeset liquibase:1.11.0 dbms:mariadb,postgresql -- preconditions onFail:MARK_RAN -- 
precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ From 7d808b46fd31626a8d852f21245806331ad18c10 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Thu, 23 Jun 2022 09:57:02 -0700 Subject: [PATCH 13/22] Updated min/max refresh for providers --- .../file-system-metadata-provider.schema.json | 16 +++++++-------- .../main/resources/i18n/messages.properties | 2 +- .../resources/i18n/messages_en.properties | 2 +- .../schema/provider/file-system.schema.json | 20 +++++++++---------- .../provider/filebacked-http.schema.json | 10 ++++++++-- ui/src/app/metadata/domain/data.js | 14 +++++++++++++ ...ileBackedHttpMetadataProviderDefinition.js | 6 +++--- .../FileSystemMetadataProviderDefinition.js | 6 +++--- .../metadata/wizard/MetadataProviderWizard.js | 2 +- 9 files changed, 47 insertions(+), 31 deletions(-) diff --git a/backend/src/main/resources/file-system-metadata-provider.schema.json b/backend/src/main/resources/file-system-metadata-provider.schema.json index 7969495f2..a4db5a52d 100644 --- a/backend/src/main/resources/file-system-metadata-provider.schema.json +++ b/backend/src/main/resources/file-system-metadata-provider.schema.json @@ -1,11 +1,6 @@ { "type": "object", - "required": [ - "name", - "@type", - "xmlId", - "metadataFile" - ], + "required": ["name", "@type", "xmlId", "metadataFile"], "properties": { "name": { "title": "label.metadata-provider-name-dashboard-display-only", 
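Review bot: Every `CHANGE value ... varchar(255)` in the new mysql changeset restates the column type, and CHANGE replaces the whole column definition, so any column that was wider or carried NOT NULL or default attributes loses them. The entity mapping for `entity_attributes_filter_target_value` declares `@Column(length = 760, name="target_value")`, so that table and its _aud twin should at least use `CHANGE value target_value varchar(760)`. The other lengths need checking against the existing schema, which is not visible here. On servers that support it, `RENAME COLUMN value TO target_value` avoids restating the definition. Separately, mariadb stays in the changeset that uses the double-quoted `RENAME "value" TO ...` form, which as far as I know MariaDB does not parse as a column rename.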
@@ -47,18 +42,21 @@ }, "reloadableMetadataResolverAttributes": { "type": "object", + "required": ["minRefreshDelay", "maxRefreshDelay"], "properties": { "minRefreshDelay": { "title": "label.min-refresh-delay", "description": "tooltip.min-refresh-delay", "type": "string", - "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT5M" }, "maxRefreshDelay": { "title": "label.max-refresh-delay", "description": "tooltip.max-refresh-delay", "type": "string", - "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT4H" }, "refreshDelayFactor": { "title": "label.refresh-delay-factor", @@ -71,4 +69,4 @@ } } } -} \ No newline at end of file +} diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 0a7880b36..2513a7c87 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties 
@@ -684,7 +684,7 @@ tooltip.retained-roles=Note that property replacement cannot be used on this ele tooltip.remove-roleless-entity-descriptors=Controls whether to keep entity descriptors that contain no roles. Note: If this attribute is set to false, the resulting output may not be schema-valid since an element must include at least one role descriptor. tooltip.remove-empty-entities-descriptors=Controls whether to keep entities descriptors that contain no entity descriptors. Note: If this attribute is set to false, the resulting output may not be schema-valid since an element must include at least one child element, either an element or an element. -tooltip.min-refresh-delay=Lower bound on the next refresh from the time calculated based on the metadata\u0027s expiration. +tooltip.min-refresh-delay=Lower bound on the next refresh from the time calculated based on the metadata\u0027s expiration. Setting this to 0 will result in the default value being used. tooltip.max-refresh-delay=Upper bound on the next refresh from the time calculated based on the metadata\u0027s expiration. tooltip.refresh-delay-factor=A factor applied to the initially determined refresh time in order to determine the next refresh time (typically to ensure refresh takes place prior to the metadata\u0027s expiration). Attempts to refresh metadata will generally begin around the product of this number and the maximum refresh delay. tooltip.resolve-via-predicates-only=Flag indicating whether resolution may be performed solely by applying predicates to the entire metadata collection, when an entityID input criterion is not supplied. diff --git a/backend/src/main/resources/i18n/messages_en.properties b/backend/src/main/resources/i18n/messages_en.properties index f9f64d4d2..40d17ae7e 100644 --- a/backend/src/main/resources/i18n/messages_en.properties +++ b/backend/src/main/resources/i18n/messages_en.properties 
@@ -531,7 +531,7 @@ tooltip.retained-roles=Note that property replacement cannot be used on this ele tooltip.remove-roleless-entity-descriptors=Controls whether to keep entity descriptors that contain no roles. Note: If this attribute is set to false, the resulting output may not be schema-valid since an element must include at least one role descriptor. tooltip.remove-empty-entities-descriptors=Controls whether to keep entities descriptors that contain no entity descriptors. Note: If this attribute is set to false, the resulting output may not be schema-valid since an element must include at least one child element, either an element or an element. -tooltip.min-refresh-delay=Lower bound on the next refresh from the time calculated based on the metadata\u0027s expiration. +tooltip.min-refresh-delay=Lower bound on the next refresh from the time calculated based on the metadata\u0027s expiration. Setting this to 0 will result in the default value being used. tooltip.max-refresh-delay=Upper bound on the next refresh from the time calculated based on the metadata\u0027s expiration. tooltip.refresh-delay-factor=A factor applied to the initially determined refresh time in order to determine the next refresh time (typically to ensure refresh takes place prior to the metadata\u0027s expiration). Attempts to refresh metadata will generally begin around the product of this number and the maximum refresh delay. tooltip.resolve-via-predicates-only=Flag indicating whether resolution may be performed solely by applying predicates to the entire metadata collection, when an entityID input criterion is not supplied. diff --git a/ui/public/assets/schema/provider/file-system.schema.json b/ui/public/assets/schema/provider/file-system.schema.json index 38d0d90e3..a4db5a52d 100644 --- a/ui/public/assets/schema/provider/file-system.schema.json +++ b/ui/public/assets/schema/provider/file-system.schema.json 
@@ -1,15 +1,10 @@ { "type": "object", - "required": [ - "name", - "@type", - "xmlId", - "metadataFile" - ], + "required": ["name", "@type", "xmlId", "metadataFile"], "properties": { "name": { "title": "label.metadata-provider-name-dashboard-display-only", - "description": "tooltip.metadata-provider-name-dashboard-display-only", + "description": "tooltip.metadata-provider-name", "type": "string", "widget": { "id": "string", @@ -20,7 +15,7 @@ "title": "label.metadata-provider-type", "description": "tooltip.metadata-provider-type", "type": "string", - "const": "FilesystemMetadataResolver" + "default": "FilesystemMetadataResolver" }, "xmlId": { "title": "label.xml-id", @@ -47,18 +42,21 @@ }, "reloadableMetadataResolverAttributes": { "type": "object", + "required": ["minRefreshDelay", "maxRefreshDelay"], "properties": { "minRefreshDelay": { "title": "label.min-refresh-delay", "description": "tooltip.min-refresh-delay", "type": "string", - "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT5M" }, "maxRefreshDelay": { "title": "label.max-refresh-delay", "description": "tooltip.max-refresh-delay", "type": "string", - "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT4H" }, "refreshDelayFactor": { "title": "label.refresh-delay-factor", @@ -71,4 +69,4 @@ } } } -} \ No newline at end of file +} 
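Review bot: Replacing `"const": "FilesystemMetadataResolver"` with `"default": "FilesystemMetadataResolver"` on `@type` turns a constraint into a hint, so this schema now accepts any string as the provider type. In the same file the refresh-delay patterns gain a leading `^$|` alternative while `minRefreshDelay` and `maxRefreshDelay` become required, so an empty string still validates and `required` only enforces that the key is present. If both delays must always be set, drop the empty alternative or add `"minLength": 1`, and keep `"const"` alongside `"default"` on `@type`. The backend copy of this schema and filebacked-http.schema.json carry the same `^$|` pattern under the new `required` list, and the server-side check is the one that has to hold, since this copy lives under ui/public.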
diff --git a/ui/public/assets/schema/provider/filebacked-http.schema.json b/ui/public/assets/schema/provider/filebacked-http.schema.json index 860733486..77f415b43 100644 --- a/ui/public/assets/schema/provider/filebacked-http.schema.json +++ b/ui/public/assets/schema/provider/filebacked-http.schema.json @@ -252,18 +252,24 @@ "reloadableMetadataResolverAttributes": { "$id": "reloadableMetadataResolverAttributes", "type": "object", + "required": [ + "minRefreshDelay", + "maxRefreshDelay" + ], "properties": { "minRefreshDelay": { "title": "label.min-refresh-delay", "description": "tooltip.min-refresh-delay", "type": "string", - "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT5M" }, "maxRefreshDelay": { "title": "label.max-refresh-delay", "description": "tooltip.max-refresh-delay", "type": "string", - "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT4H" }, "refreshDelayFactor": { "title": "label.refresh-delay-factor", diff --git a/ui/src/app/metadata/domain/data.js b/ui/src/app/metadata/domain/data.js index 45412d300..b97afbddb 100644 --- a/ui/src/app/metadata/domain/data.js +++ b/ui/src/app/metadata/domain/data.js 
@@ -9,4 +9,18 @@ export const DurationOptions = [ "PT8H", "PT12H", "PT24H" +]; + +export const RefreshOptions = [ + "PT1S", + "PT30S", + "PT1M", + "PT5M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT8H", + "PT12H", + "PT24H", ]; \ No newline at end of file diff --git a/ui/src/app/metadata/domain/provider/definition/FileBackedHttpMetadataProviderDefinition.js b/ui/src/app/metadata/domain/provider/definition/FileBackedHttpMetadataProviderDefinition.js index 106edfa55..e4e4be5b6 100644 --- a/ui/src/app/metadata/domain/provider/definition/FileBackedHttpMetadataProviderDefinition.js +++ b/ui/src/app/metadata/domain/provider/definition/FileBackedHttpMetadataProviderDefinition.js @@ -1,7 +1,7 @@ import defaultsDeep from 'lodash/defaultsDeep'; import { BaseProviderDefinition, HttpMetadataResolverAttributesSchema, MetadataFilterPluginsSchema } from './BaseProviderDefinition'; -import { DurationOptions } from '../../data'; +import { DurationOptions, RefreshOptions } from '../../data'; import { BASE_PATH } from '../../../../App.constant'; export const FileBackedHttpMetadataProviderWizard = { @@ -155,12 +155,12 @@ export const FileBackedHttpMetadataProviderWizard = { reloadableMetadataResolverAttributes: { minRefreshDelay: { 'ui:widget': 'OptionWidget', - options: DurationOptions, + options: RefreshOptions, 'ui:placeholder': 'label.duration' }, maxRefreshDelay: { 'ui:widget': 'OptionWidget', - options: DurationOptions, + options: RefreshOptions, 'ui:placeholder': 'label.duration' }, refreshDelayFactor: { diff --git a/ui/src/app/metadata/domain/provider/definition/FileSystemMetadataProviderDefinition.js b/ui/src/app/metadata/domain/provider/definition/FileSystemMetadataProviderDefinition.js index d97b8e041..5e9d617fe 100644 --- a/ui/src/app/metadata/domain/provider/definition/FileSystemMetadataProviderDefinition.js +++ b/ui/src/app/metadata/domain/provider/definition/FileSystemMetadataProviderDefinition.js 
@@ -1,7 +1,7 @@ import defaultsDeep from 'lodash/defaultsDeep'; import API_BASE_PATH from "../../../../App.constant"; import { BaseProviderDefinition } from "./BaseProviderDefinition"; -import { DurationOptions } from '../../data'; +import { RefreshOptions } from '../../data'; export const FileSystemMetadataProviderWizard = { ...BaseProviderDefinition, @@ -74,12 +74,12 @@ export const FileSystemMetadataProviderWizard = { reloadableMetadataResolverAttributes: { minRefreshDelay: { 'ui:widget': 'OptionWidget', - options: DurationOptions, + options: RefreshOptions, 'ui:placeholder': 'label.duration' }, maxRefreshDelay: { 'ui:widget': 'OptionWidget', - options: DurationOptions, + options: RefreshOptions, 'ui:placeholder': 'label.duration' }, refreshDelayFactor: { diff --git a/ui/src/app/metadata/wizard/MetadataProviderWizard.js b/ui/src/app/metadata/wizard/MetadataProviderWizard.js index d2cbc0864..8dcbf73cd 100644 --- a/ui/src/app/metadata/wizard/MetadataProviderWizard.js +++ b/ui/src/app/metadata/wizard/MetadataProviderWizard.js @@ -49,7 +49,6 @@ export function MetadataProviderWizard({onSave, loading, block}) { return ( <> -
} +
{JSON.stringify(errors, null, 4)}
); } From 383002d3fc4f48f360a2742a5bb2dbe325ce742e Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 23 Jun 2022 12:07:34 -0700 Subject: [PATCH 14/22] SHIBUI-2273 "Resetting" the min and max refresh values to match the open saml code --- .../main/resources/db/changelog/changelog.sql | 28 ++++++++++++++++--- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 561280f58..2653cdd64 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql @@ -1,6 +1,6 @@ -- liquibase formatted sql --- changeset liquibase:1.11.0 dbms:mysql +-- changeset liquibase:1.11.0.1 dbms:mysql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ @@ -60,7 +60,7 @@ ALTER TABLE service_name_aud GO --- changeset liquibase:1.11.0 dbms:mariadb,postgresql +-- changeset liquibase:1.11.0.1 dbms:mariadb,postgresql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ @@ -120,7 +120,7 @@ ALTER TABLE service_name_aud GO --- changeset liquibase:1.11.0 dbms:mssql +-- changeset liquibase:1.11.0.1 dbms:mssql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ 
@@ -155,4 +155,24 @@ GO
 EXEC sp_rename 'service_name.value', name_value, 'COLUMN'
 GO
 EXEC sp_rename 'service_name_aud.value', name_value, 'COLUMN'
-GO
\ No newline at end of file
+GO
+
+-- changeset liquibase:1.11.0.2 dbms:mariadb,postgresql,mssql,mysql
+-- preconditions onFail:MARK_RAN
+-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users'
+-- comment: /* we don't need to run this if the system is new */
+
+update filesystem_metadata_resolver set min_refresh_delay ='PT5M';
+update filesystem_metadata_resolver_aud set min_refresh_delay ='PT5M';
+update filesystem_metadata_resolver set max_refresh_delay ='PT4H';
+update filesystem_metadata_resolver_aud set max_refresh_delay ='PT4H';
+
+update file_backed_http_metadata_resolver set min_refresh_delay ='PT5M';
+update file_backed_http_metadata_resolver_aud set min_refresh_delay ='PT5M';
+update file_backed_http_metadata_resolver set max_refresh_delay ='PT4H';
+update file_backed_http_metadata_resolver_aud set max_refresh_delay ='PT4H';
+
+update resource_backed_metadata_resolver set min_refresh_delay ='PT5M';
+update resource_backed_metadata_resolver_aud set min_refresh_delay ='PT5M';
+update resource_backed_metadata_resolver set max_refresh_delay ='PT4H';
+update resource_backed_metadata_resolver_aud set max_refresh_delay ='PT4H';
\ No newline at end of file
From 987208a97691beabb478f696226ba085bbdeab29 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 23 Jun 2022 15:23:31 -0700 Subject: [PATCH 15/22] SHIBUI-2273 Overriding calls that were getting made that break things. Those methods don't need to be used by the shibui functionality --- .../OpenSamlFileBackedHTTPMetadataResolver.java | 13 +++++++++++++ .../OpenSamlFilesystemMetadataResolver.java | 12 ++++++++++++ 2 files changed, 25 insertions(+) 
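Review bot: The twelve `update` statements in the new `1.11.0.2` changeset have no `WHERE` clause, so every resolver row is overwritten with `PT5M`/`PT4H` regardless of what an administrator had configured, and the same overwrite is applied to the `_aud` tables. Rewriting the `_aud` rows replaces the recorded history of those columns instead of adding a revision, which weakens the audit trail those tables appear to exist for. Consider limiting the updates to rows whose stored value is not a usable duration (the exact condition depends on the old values, which this hunk does not show) and leaving the `_aud` tables untouched.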
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java index c5d64dc5b..4b642e52a 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java @@ -15,6 +15,7 @@ import javax.annotation.Nonnull; import javax.annotation.Nullable; +import java.io.File; import java.time.Duration; import java.time.Instant; @@ -135,4 +136,16 @@ public synchronized void refresh() throws ResolverException { } } } + + @Override + public void validateBackupFile(final File backupFile) throws ResolverException { + // NOPE, not going to validate this because the file reference is likely not to exist on the shibui server nor even be a + // valid path on the running server. The file is needed for the XML, but we shouldn't be validating it. + } + + @Override + protected byte[] fetchMetadata() throws ResolverException { + // NOPE, we don't need to try and fetch the metadata from either the URI nor the file + return null; + } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java index c247e7b53..f8b9a856f 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java 
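Review bot: The no-op `validateBackupFile` and the `fetchMetadata` that returns `null`, both added at the end of the class, change what this resolver guarantees, and the only record of that is a `// NOPE` comment inside each body. Anyone who later uses the class to actually load metadata gets no backup-file check and no payload, so state the intent in Javadoc on each override, for example `/** Intentionally a no-op: the path is only written into the generated XML and is not expected to exist on the shibui server. */`. It is also worth confirming how `refresh()`, whose body lies outside this hunk, handles a `null` return from `fetchMetadata()`. The next file section adds the same pair to `OpenSamlFilesystemMetadataResolver` (`validateMetadataFile`, `fetchMetadata`) and needs the same documentation.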
@@ -88,4 +88,16 @@ public void refilter() { logger.error("An error occurred while attempting to filter metadata!", e); } } + + @Override + public void validateMetadataFile(@Nonnull final File file) throws ResolverException { + // NOPE, not going to validate this because the file reference is likely not to exist on the shibui server nor even be a + // valid path on the running server. The file is needed for the XML, but we shouldn't be validating it. + } + + @Override + protected byte[] fetchMetadata() throws ResolverException { + // NOPE, we don't need to try and fetch the metadata + return null; + } } \ No newline at end of file From b2b3ad9ae902259ec4d31e30758846f505834ebc Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 29 Jun 2022 14:24:04 -0700 Subject: [PATCH 16/22] SHIBUI-2273 slight change for mariadb --- backend/src/main/resources/db/changelog/changelog.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 2653cdd64..5bece9633 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql @@ -1,6 +1,6 @@ -- liquibase formatted sql --- changeset liquibase:1.11.0.1 dbms:mysql +-- changeset liquibase:1.11.0.1 dbms:mysql,mariadb -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ @@ -60,7 +60,7 @@ ALTER TABLE service_name_aud GO --- changeset liquibase:1.11.0.1 dbms:mariadb,postgresql +-- changeset liquibase:1.11.0.1 dbms:postgresql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ 
From 71cbdc52c7888141e84e8b137b2ae44aea47030a Mon Sep 17 00:00:00 2001 From: chasegawa Date: Fri, 1 Jul 2022 10:50:47 -0700 Subject: [PATCH 17/22] NOJIRA Fixing the footer version information --- backend/src/main/resources/application.properties | 8 +++++--- ui/src/app/App.constant.js | 10 ++++++++++ ui/src/app/core/components/VersionInfo.js | 14 +++++++++----- 3 files changed, 24 insertions(+), 8 deletions(-) diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index ba1b8f20f..f6af0610e 100644 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -48,7 +48,7 @@ spring.liquibase.change-log=db/changelog/changelog.sql spring.jpa.hibernate.ddl-auto=update spring.jpa.hibernate.naming.implicit-strategy=org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl spring.jpa.show-sql=false -spring.jpa.properties.hibernate.format_sql=false +spring.jpa.properties.hibernate.format_sql=true spring.jpa.properties.hibernate.check_nullability=true spring.jpa.hibernate.use-new-id-generator-mappings=true @@ -118,5 +118,7 @@ springdoc.swagger-ui.tagsSorter: alpha springdoc.writer-with-order-by-keys: true springdoc.pathsToMatch=/entities, /api/** # This property enables the openapi and swagger-ui endpoints to be exposed beneath the actuator base path. -management.endpoints.web.exposure.include=openapi, swagger-ui -management.server.port=9090 \ No newline at end of file +management.endpoints.web.exposure.include=openapi, swagger-ui, info +management.server.port=9090 +management.endpoints.web.cors.allowed-origins=* +management.endpoints.web.cors.allowed-headers=* \ No newline at end of file diff --git a/ui/src/app/App.constant.js b/ui/src/app/App.constant.js index 3b6af7f89..afa7a688c 100644 --- a/ui/src/app/App.constant.js +++ b/ui/src/app/App.constant.js 
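Review bot: `management.endpoints.web.cors.allowed-origins=*` together with `management.endpoints.web.cors.allowed-headers=*` lets a page from any origin read the responses of every exposed management endpoint on port 9090 (`openapi`, `swagger-ui`, `info`), not only the `info` endpoint the footer needs. Restrict the origin list to the UI's own origin, e.g. `management.endpoints.web.cors.allowed-origins=https://<ui-host>` (placeholder), and drop the header wildcard unless a specific header is required. The switch of `spring.jpa.properties.hibernate.format_sql` to `true` in the first hunk looks unrelated to the version footer and may be a debugging leftover.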
@@ -5,8 +5,18 @@ export const getBasePath = () => { //replace(/^\/|\/$/g, '') }; +export const getActuatorPath = () => { + const url = new URL(document.getElementsByTagName('base')[0].href); + + var foo = document.createElement("a"); + foo.href = url.pathname?.replace(/^\/+/g, ''); + foo.port = "9090" + return foo.href; +} + export const BASE_PATH = getBasePath(); export const API_BASE_PATH = `${BASE_PATH}api`; +export const ACTUATOR_PATH = getActuatorPath(); export const FILTER_PLUGIN_TYPES = ['RequiredValidUntil', 'SignatureValidation', 'EntityRoleWhiteList']; diff --git a/ui/src/app/core/components/VersionInfo.js b/ui/src/app/core/components/VersionInfo.js index 1c6badfc1..1c88ad271 100644 --- a/ui/src/app/core/components/VersionInfo.js +++ b/ui/src/app/core/components/VersionInfo.js @@ -1,7 +1,7 @@ import React from 'react'; import useFetch from 'use-http'; -import { BASE_PATH } from '../../App.constant'; +import { ACTUATOR_PATH } from '../../App.constant'; import Translate from '../../i18n/components/translate'; @@ -11,11 +11,15 @@ const year = new Date().getFullYear(); const params = { year }; export function VersionInfo () { - - const { data = {} } = useFetch(`${BASE_PATH}actuator/info`, {}, []); + var opts = { + headers: { + 'mode':'no-cors' + } + } + const { data = {} } = useFetch(`${ACTUATOR_PATH}actuator/info`, opts, []); const [ versionData, setVersionData ] = React.useState(''); - + React.useEffect(() => { setVersionData(formatter(data)); }, [data]); @@ -29,4 +33,4 @@ export function VersionInfo () { ); } -export default VersionInfo; \ No newline at end of file +export default VersionInfo; From 7ee47095d75c433e1642f416927823f0da3314ba Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 5 Jul 2022 15:05:36 -0700 Subject: [PATCH 18/22] NOJIRA --- testbed/postgres/conf/application.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
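Review bot: `getActuatorPath` hard-codes the management port with `foo.port = "9090"`, which duplicates `management.server.port` from `application.properties` and requires that port to be reachable from every user's browser. If the version footer only needs `info`, serving it through the main application port would avoid exposing the management listener at all; otherwise take the port from configuration instead of a literal. On style, `var foo` should be a named `const` (e.g. `const link = document.createElement('a');`), and the optional chaining in `url.pathname?.replace(...)` is unnecessary because `URL.pathname` is always a string.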
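Review bot: In `opts` in `VersionInfo.js`, `'mode':'no-cors'` sits inside `headers`, so it is sent as a request header named `mode` rather than setting the fetch mode. A custom header makes the request non-simple and forces a CORS preflight, which is probably why the wildcard `allowed-headers` was added on the server side; a real `mode: 'no-cors'` would instead yield an opaque response that `data` could not read. Drop `opts` and keep `{}` as the second argument to `useFetch`, relying on a narrowly scoped CORS origin on the actuator instead.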
diff --git a/testbed/postgres/conf/application.yml b/testbed/postgres/conf/application.yml index 2173107e1..56fd5e709 100644 --- a/testbed/postgres/conf/application.yml +++ b/testbed/postgres/conf/application.yml @@ -8,9 +8,11 @@ spring: username: shibui password: shibui jpa: + show-sql: false properties: hibernate: - dialect: org.hibernate.dialect.PostgreSQLDialect + dialect: org.hibernate.dialect.PostgreSQL95Dialect + format_sql: true server: port: 8443 ssl: @@ -135,4 +137,4 @@ custom: logging: level: org.pac4j: "TRACE" - org.opensaml: "INFO" + org.opensaml: "INFO" \ No newline at end of file From 48b93d31dd1c469a1bd2d3e4cb0ce2ee2d01fd9b Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 5 Jul 2022 16:45:21 -0700 Subject: [PATCH 19/22] SHIBUI-2273 Updating dialects --- backend/src/main/resources/application.yml | 9 +++++++++ testbed/mariadb/conf/application.yml | 4 ++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index 671000aa6..ffeab970c 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml @@ -1,3 +1,12 @@ +#spring: +# jpa: +# show-sql: false +# properties: +# hibernate: +# format_sql: true +# dialect: org.hibernate.dialect.PostgreSQL95Dialect +# OR SEE: https://access.redhat.com/webassets/avalon/d/red-hat-jboss-enterprise-application-platform/7.2/javadocs/org/hibernate/dialect/package-summary.html + #shibui: ## Default password must be set for the default user to be configured and setup # default-rootuser:root diff --git a/testbed/mariadb/conf/application.yml b/testbed/mariadb/conf/application.yml index 68018a4b9..82fe6fec7 100644 --- a/testbed/mariadb/conf/application.yml +++ b/testbed/mariadb/conf/application.yml @@ -10,7 +10,7 @@ spring: jpa: properties: hibernate: - dialect: org.hibernate.dialect.MariaDBDialect + dialect: org.hibernate.dialect.MariaDB103Dialect server: port: 8443 ssl: 
@@ -135,4 +135,4 @@ custom: logging: level: org.pac4j: "TRACE" - org.opensaml: "INFO" + org.opensaml: "INFO" \ No newline at end of file From b50795880f3657b2ed72d6165cc0fc488e9f59c8 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 7 Jul 2022 12:40:23 -0700 Subject: [PATCH 20/22] SHIBUI-2273 Fixing postgres lob issue --- .../tier/shibboleth/admin/ui/domain/X509Certificate.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java index b1db21b72..cff1a3c9d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java @@ -1,6 +1,7 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; import lombok.EqualsAndHashCode; +import org.hibernate.annotations.Type; import org.hibernate.envers.Audited; import javax.annotation.Nullable; @@ -14,6 +15,7 @@ public class X509Certificate extends AbstractXMLObject implements org.opensaml.xmlsec.signature.X509Certificate { @Column(name = "x509CertificateValue") @Lob + @Type(type = "org.hibernate.type.TextType") private String value; @Nullable @@ -26,4 +28,4 @@ public String getValue() { public void setValue(@Nullable String value) { this.value = value; } -} +} \ No newline at end of file From 362a51d7a9fb7a63826a351f0667cbf06bd36234 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 12 Jul 2022 11:28:05 -0700 Subject: [PATCH 21/22] SHIBUI-2273 fixes for sqlserver docker --- testbed/sqlServer/conf/application.yml | 16 ++++++++-------- testbed/sqlServer/docker-compose.yml | 9 ++++++++- 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/testbed/sqlServer/conf/application.yml b/testbed/sqlServer/conf/application.yml index 1e48abf4d..f69ccb318 100644 --- a/testbed/sqlServer/conf/application.yml 
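Review bot: Adding `@Type(type = "org.hibernate.type.TextType")` next to `@Lob` on `value` in `X509Certificate.java` changes how `x509CertificateValue` is read and written, but no changeset for already-stored rows is visible in this series. On PostgreSQL a `@Lob` `String` is commonly stored as a large object with only its OID in the column, so after this change existing certificates may come back as an OID number instead of the certificate text; this should be verified against an upgraded database. If that is the case, add a PostgreSQL-only changeset that converts the stored values, and note on the field why the explicit type is needed, e.g. `// TextType: keep the certificate inline as text on PostgreSQL instead of an OID large object`.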
+++ b/testbed/sqlServer/conf/application.yml @@ -1,6 +1,6 @@ spring: profiles: - include: + include: dev datasource: platform: sqlserver driver-class-name: com.microsoft.sqlserver.jdbc.SQLServerDriver @@ -11,13 +11,13 @@ spring: properties: hibernate: dialect: org.hibernate.dialect.SQLServerDialect -#server: -# port: 8443 -# ssl: -# key-store: "/conf/keystore.p12" -# key-store-password: "changeit" -# keyStoreType: "PKCS12" -# keyAlias: "tomcat" +server: + port: 8443 + ssl: + key-store: "/conf/keystore.p12" + key-store-password: "changeit" + keyStoreType: "PKCS12" + keyAlias: "tomcat" shibui: user-bootstrap-resource: file:/conf/users.csv roles: ROLE_ADMIN,ROLE_NONE,ROLE_USER,ROLE_PONY diff --git a/testbed/sqlServer/docker-compose.yml b/testbed/sqlServer/docker-compose.yml index a7509fe37..68276f256 100644 --- a/testbed/sqlServer/docker-compose.yml +++ b/testbed/sqlServer/docker-compose.yml @@ -23,7 +23,14 @@ services: - db networks: - front - + mailhog: + image: mailhog/mailhog:latest + ports: + - 1025:1025 + - 8025:8025 + container_name: mailhog + networks: + - front networks: front: driver: bridge \ No newline at end of file From dfc098bcb2b1611ddd01afe7195de7f2b8e6d0cc Mon Sep 17 00:00:00 2001 From: Sean Porth Date: Fri, 15 Jul 2022 13:11:18 -0400 Subject: [PATCH 22/22] SHIBUI-2316 fixed sqlserver upgrade migration --- backend/src/main/resources/db/changelog/changelog.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 5bece9633..0a63846a3 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql 
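Review bot: The new `mailhog` service in `docker-compose.yml` uses the mutable tag `mailhog/mailhog:latest` and publishes ports 1025 and 8025 on all host interfaces. Pin the image to a fixed version or digest (`image: mailhog/mailhog:<pinned-version>`, placeholder) so the testbed is reproducible, and bind the ports to loopback, e.g. `- 127.0.0.1:8025:8025`, since the MailHog web UI shows captured mail without authentication by default.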
@@ -132,9 +132,9 @@ EXEC sp_rename 'entity_attributes_filter_target_value.value', target_value, 'COL
 GO
 EXEC sp_rename 'entity_attributes_filter_target_value_aud.value', target_value, 'COLUMN'
 GO
-EXEC sp_rename 'name_id_format_filter_target_value', target_value, 'COLUMN'
+EXEC sp_rename 'name_id_format_filter_target_value.value', target_value, 'COLUMN'
 GO
-EXEC sp_rename 'name_id_format_filter_target_value_aud', target_value, 'COLUMN'
+EXEC sp_rename 'name_id_format_filter_target_value_aud.value', target_value, 'COLUMN'
 GO
 EXEC sp_rename 'organizationurl.value', uri_value, 'COLUMN'
 GO